Home / News

British Researchers Discover AI-Powered Technique That Can Extract Data Through Typing Sounds

Photo: Surasak Chuaymoo / Adobe Stock

A new study conducted by British researchers has unveiled a potentially concerning form of cyber threat where hackers can extract personal data just by listening to someone type. Using a specially-developed deep-learning algorithm, the researchers demonstrated that a hacker could interpret the unique sound of each keystroke to decipher the text being typed, achieving an astonishing 95% accuracy rate.

The findings suggest that obtaining these recordings is surprisingly uncomplicated. A simple cell phone microphone or even the audio function of popular conferencing software like Zoom could be manipulated to capture the sound of typing. Once obtained, the recorded audio can be processed through the algorithm, translating the keystrokes’ acoustic nuances into coherent text.

An AI-enhanced threat: The While the concept of using sound to capture data, termed an “acoustic side-channel attack,” isn’t novel, the integration of artificial intelligence capabilities makes these attacks particularly potent. The researchers caution that the real danger lies in the potential misuse of this technique to intercept sensitive information like passwords and other online credentials.

Attack scenarios: They noted, “The ubiquity of keyboard acoustic emanations not only presents an accessible avenue for cyberattacks but also might lead potential victims to disregard this vulnerability, believing their typing sounds to be inconspicuous.”

The practical application of such an attack presents multiple possibilities. An unsuspecting user could be targeted in a public space, like a coffee shop. Or, with advanced listening equipment, a cybercriminal could eavesdrop even through walls, emphasizing the need for heightened awareness and potential preventative measures against such sophisticated threats.

By CircleID Reporter

CircleID’s internal staff reporting on news tips and developing stories. Do you have information the professional Internet community should be aware of? Contact us.

Visit Page

Filed Under

Comments

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

VINTON CERF
Co-designer of the TCP/IP Protocols & the Architecture of the Internet

Related

Topics

Brand Protection

Sponsored byCSC

Domain Names

Sponsored byVerisign

Threat Intelligence

Sponsored byWhoisXML API

New TLDs

Sponsored byRadix

IPv4 Markets

Sponsored byIPv4.Global

DNS

Sponsored byDNIB.com

Cybersecurity

Sponsored byVerisign